Home   Kaiming



01

W2003:

Set its primary DNS Suffix to OPATH.COM and its primary DNS server to 191.121.121.1.

Install Active Directory Application Mode SP1.

Install Exchange 2007 SP1 with Edge Transport Role selected.

VANT:

02

Install Certificate Authority on VANT: standalone


W2003--Edge Transport server --Certificate

http://vant.opath.com/certsrv

Download a CA certificate, Certificate Chain, or CRL

Install this CA certificate chain

New-ExchangeCertificate -GenerateRequest -FriendlyName "W2003 Edge Certificate" -Path c:\w2003.p7c -SubjectName "DC=COM,DC=OPATH,CN=w2003.opath.com" -DomainName w2003,w2003.opath.com,opath.com

TLS

Import-ExchangeCertificate -Path c:\certnew.p7b | Enable-ExchangeCertificate -Services smtp


VanT.opath.com

03

04

Save the certificate request file as c:\certreq.txt;

Open c:\certreq.txt, Select All and Copy;

http://vanT.opath.com/certsrv/ --Request a Certificate;

Certificate Authority --Issue the certificate

http://vanT.opath.com/certsrv/ --download the certificate and save it as c:\certnew.cer

05

06

07

Create an account smarthost@opath.com

Add smarthost@opath.com to Exchange Domain Servers group.


W2003.opath.com

$credential = Get-Credential

08

New-SendConnector -Name "To-Opath.com" -Usage Internal -AddressSpaces "--" -DNSRoutingEnabled $false -SmartHosts vanT.opath.com -SmartHostAuthMechanism BasicAuthRequireTLS -AuthenticationCredential $credential

Add-ADPermission -Identity "To-Opath.com" -User "NT Authority\Anonymous Logon" -ExtendedRights ms-Exch-SMTP-Send-Exch50

/*** The XExch50 data contains the Spam Confidence Level (SCL) for a message. ***/ To use Exchange 2007

Create an account: w2003\smarthost

Get-ReceiveConnector | Remove-ReceiveConnector

New-ReceiveConnector -Name "From-opath.com" -Usage internal -AuthMechanism Tls,BasicAuth,BasicAuthRequireTLS -Bindings 0.0.0.0:25 -RemoteIPRanges 191.121.121.1

Add-ADPermission -Identity "From-Opath.com" -User "W2003\smarthost" -ExtendedRights ms-Exch-SMTP-Submit,ms-Exch-Accept-Headers-Routing,ms-Exch-SMTP-Accept-any-Recipient,ms-Exch-SMTP-Accept-Authoritative-Domain-Sender

/*** ms-Exch-SMTP-Accept-Any-Recipient is for relaying. The Edge Transport server will relay mail for the w2003\smarthost user. ***/

$credential = Get-Credential

New-SendConnector -Name "To-Internet" -Usage Internet -AddressSpaces 'SMTP:*;1' -DNSRoutingEnabled $false -SmartHosts postbox.postbox.joymaininc.com -SmartHostAuthMechanism BasicAuth -AuthenticationCredential $credential

New-AcceptedDomain -Name 'opath.com' -DomainName 'opath.com' -DomainType 'Authoritative'
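
The following check is an added example, not part of the original notes: it flags send connectors whose smart host authentication does not require TLS, and receive connector permissions that grant the relay right (ms-Exch-SMTP-Accept-Any-Recipient) to anyone other than the intended account. The function names Test-SendConnectorAuth and Test-RelayPermission are hypothetical, the sample objects are constructed to mirror the connectors above, and PowerShell 2.0 or later is assumed.

```powershell
# Added example (not from the original notes). Function names are hypothetical.
# Live use in the Exchange Management Shell:
#   Get-SendConnector | Test-SendConnectorAuth
#   Get-ReceiveConnector | Get-ADPermission | Test-RelayPermission -AllowedUsers 'W2003\smarthost'

function Test-SendConnectorAuth {
    param([Parameter(ValueFromPipeline = $true)] $Connector)
    process {
        # BasicAuth does not require TLS, so the smart host credential can
        # cross the network base64-encoded rather than encrypted.
        if ("$($Connector.SmartHostAuthMechanism)" -eq 'BasicAuth') {
            "{0}: BasicAuth without required TLS to {1}" -f $Connector.Name, ($Connector.SmartHosts -join ',')
        }
    }
}

function Test-RelayPermission {
    param(
        [Parameter(ValueFromPipeline = $true)] $Ace,
        [string[]] $AllowedUsers = @()
    )
    process {
        # Cast each right to a string so live objects and samples compare alike.
        $rights = @($Ace.ExtendedRights | ForEach-Object { "$_" })
        $grantsRelay = ($rights -contains 'ms-Exch-SMTP-Accept-Any-Recipient') -and -not $Ace.Deny
        if ($grantsRelay -and ($AllowedUsers -notcontains "$($Ace.User)")) {
            "{0}: relay right held by unexpected principal {1}" -f $Ace.Identity, $Ace.User
        }
    }
}

# Constructed sample objects mirroring the send connectors created above.
$send = @(
    New-Object PSObject -Property @{ Name = 'To-Opath.com'; SmartHosts = @('vanT.opath.com'); SmartHostAuthMechanism = 'BasicAuthRequireTLS' }
    New-Object PSObject -Property @{ Name = 'To-Internet'; SmartHosts = @('postbox.postbox.joymaininc.com'); SmartHostAuthMechanism = 'BasicAuth' }
)

# Constructed permission entries; the second is a deliberate misconfiguration
# (relay right for anonymous senders) included so the check has a finding.
$aces = @(
    New-Object PSObject -Property @{ Identity = 'From-opath.com'; User = 'W2003\smarthost'; Deny = $false; ExtendedRights = @('ms-Exch-SMTP-Submit', 'ms-Exch-SMTP-Accept-Any-Recipient') }
    New-Object PSObject -Property @{ Identity = 'From-opath.com'; User = 'NT AUTHORITY\ANONYMOUS LOGON'; Deny = $false; ExtendedRights = @('ms-Exch-SMTP-Accept-Any-Recipient') }
)

$send | Test-SendConnectorAuth
$aces | Test-RelayPermission -AllowedUsers 'W2003\smarthost'
```

On the sample data the first check reports only "To-Internet" and the second reports only the anonymous entry.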


VANT.OPATH.COM

09

10

11